[Freeipa-devel] [PATCH] binary encode xmlrpc binary data
Kevin McCarthy
kmccarth at redhat.com
Mon Aug 27 19:48:07 UTC 2007
This patch wraps binary data in an xmlrpclib Binary object. This
removes the need for LDIF conversion. It will make TurboGears direct
code faster, but should keep xmlrpc about the same speed.
The patch also swaps out ldap.cidict for the IPA CIDict class. IPA code
should only use the CIDict class now.
-Kevin
-------------- next part --------------
# HG changeset patch
# User Kevin McCarthy <kmccarth at redhat.com>
# Date 1188243991 25200
# Node ID 1f7f6d34ffbb9cf17bee4e866da818277281ef03
# Parent a5d0d46b898803ed96e217f21f156efe19db181b
Add binary encoding of data at the xmlrpc layer, which removes the LDIF hack.
Change code to use the ipa CIDict.
diff -r a5d0d46b8988 -r 1f7f6d34ffbb ipa-python/entity.py
--- a/ipa-python/entity.py Mon Aug 27 11:30:26 2007 -0700
+++ b/ipa-python/entity.py Mon Aug 27 12:46:31 2007 -0700
@@ -2,6 +2,8 @@ import ldif
import ldif
import re
import cStringIO
+
+import ipa.ipautil
def utf8_encode_value(value):
if isinstance(value,unicode):
@@ -22,8 +24,8 @@ class Entity:
In python-ldap, entries are returned as a list of 2-tuples.
Instance variables:
dn - string - the string DN of the entry
- data - cidict - case insensitive dict of the attributes and values
- orig_data - cidict - case insentiive dict of the original attributes and values"""
+ data - CIDict - case insensitive dict of the attributes and values
+ orig_data - CIDict - case insentiive dict of the original attributes and values"""
def __init__(self,entrydata=None):
"""data is the raw data returned from the python-ldap result method,
@@ -32,19 +34,19 @@ class Entity:
if entrydata:
if isinstance(entrydata,tuple):
self.dn = entrydata[0]
- self.data = ldap.cidict.cidict(entrydata[1])
+ self.data = ipa.ipautil.CIDict(entrydata[1])
elif isinstance(entrydata,str) or isinstance(entrydata,unicode):
self.dn = entrydata
- self.data = ldap.cidict.cidict()
+ self.data = ipa.ipautil.CIDict()
elif isinstance(entrydata,dict):
self.dn = entrydata['dn']
del entrydata['dn']
- self.data = ldap.cidict.cidict(entrydata)
+ self.data = ipa.ipautil.CIDict(entrydata)
else:
self.dn = ''
- self.data = ldap.cidict.cidict()
+ self.data = ipa.ipautil.CIDict()
- self.orig_data = dict(self.data)
+ self.orig_data = ipa.ipautil.CIDict(self.data)
def __nonzero__(self):
"""This allows us to do tests like if entry: returns false if there is no data,
@@ -112,9 +114,7 @@ class Entity:
def toDict(self):
"""Convert the attrs and values to a dict. The dict is keyed on the
attribute name. The value is either single value or a list of values."""
- result = {}
- for k in self.data.keys():
- result[k] = self.data[k]
+ result = ipa.ipautil.CIDict(self.data)
result['dn'] = self.dn
return result
@@ -124,9 +124,7 @@ class Entity:
def origDataDict(self):
"""Returns a dict of the original values of the user. Used for updates."""
- result = {}
- for k in self.orig_data.keys():
- result[k] = self.orig_data[k]
+ result = ipa.ipautil.CIDict(self.orig_data)
result['dn'] = self.dn
return result
diff -r a5d0d46b8988 -r 1f7f6d34ffbb ipa-python/ipaclient.py
--- a/ipa-python/ipaclient.py Mon Aug 27 11:30:26 2007 -0700
+++ b/ipa-python/ipaclient.py Mon Aug 27 12:46:31 2007 -0700
@@ -29,14 +29,6 @@ import group
import group
import ipa
import config
-
-def cidict_to_dict(cid):
- """Convert a cidict to a standard dict for sending across the wire"""
- newdict = {}
- kindex = cid.keys()
- for dkey in kindex:
- newdict[dkey] = cid[dkey]
- return newdict
class IPAClient:
@@ -89,7 +81,7 @@ class IPAClient:
result = self.transport.get_all_users()
all_users = []
- for (attrs) in result:
+ for attrs in result:
if attrs is not None:
all_users.append(user.User(attrs))
@@ -107,7 +99,7 @@ class IPAClient:
result = self.transport.find_users(criteria, sattrs)
users = []
- for (attrs) in result:
+ for attrs in result:
if attrs is not None:
users.append(user.User(attrs))
@@ -165,7 +157,7 @@ class IPAClient:
result = self.transport.find_groups(criteria, sattrs)
groups = []
- for (attrs) in result:
+ for attrs in result:
if attrs is not None:
groups.append(group.Group(attrs))
diff -r a5d0d46b8988 -r 1f7f6d34ffbb ipa-python/ipautil.py
--- a/ipa-python/ipautil.py Mon Aug 27 11:30:26 2007 -0700
+++ b/ipa-python/ipautil.py Mon Aug 27 12:46:31 2007 -0700
@@ -18,6 +18,8 @@
#
from string import lower
+import re
+import xmlrpclib
class CIDict(dict):
"""
@@ -107,3 +109,65 @@ class CIDict(dict):
return (key,value)
+#
+# The safe_string_re regexp and needs_base64 function are extracted from the
+# python-ldap ldif module, which was
+# written by Michael Stroeder <michael at stroeder.com>
+# http://python-ldap.sourceforge.net
+#
+# It was extracted because ipaldap.py is naughtily reaching into the ldif
+# module and squashing this regexp.
+#
+SAFE_STRING_PATTERN = '(^(\000|\n|\r| |:|<)|[\000\n\r\200-\377]+|[ ]+$)'
+safe_string_re = re.compile(SAFE_STRING_PATTERN)
+
+def needs_base64(s):
+ """
+ returns 1 if s has to be base-64 encoded because of special chars
+ """
+ return not safe_string_re.search(s) is None
+
+
+def wrap_binary_data(data):
+ """Converts all binary data strings into Binary objects for transport
+ back over xmlrpc."""
+ if isinstance(data, str):
+ if needs_base64(data):
+ return xmlrpclib.Binary(data)
+ else:
+ return data
+ elif isinstance(data, list) or isinstance(data,tuple):
+ retval = []
+ for value in data:
+ retval.append(wrap_binary_data(value))
+ return retval
+ elif isinstance(data, dict):
+ retval = {}
+ for (k,v) in data.iteritems():
+ retval[k] = wrap_binary_data(v)
+ return retval
+ else:
+ return data
+
+
+def unwrap_binary_data(data):
+ """Converts all Binary objects back into strings."""
+ if isinstance(data, xmlrpclib.Binary):
+ # The data is decoded by the xmlproxy, but is stored
+ # in a binary object for us.
+ return str(data)
+ elif isinstance(data, str):
+ return data
+ elif isinstance(data, list) or isinstance(data,tuple):
+ retval = []
+ for value in data:
+ retval.append(unwrap_binary_data(value))
+ return retval
+ elif isinstance(data, dict):
+ retval = {}
+ for (k,v) in data.iteritems():
+ retval[k] = unwrap_binary_data(v)
+ return retval
+ else:
+ return data
+
diff -r a5d0d46b8988 -r 1f7f6d34ffbb ipa-python/rpcclient.py
--- a/ipa-python/rpcclient.py Mon Aug 27 11:30:26 2007 -0700
+++ b/ipa-python/rpcclient.py Mon Aug 27 12:46:31 2007 -0700
@@ -29,7 +29,7 @@ import base64
import base64
import user
import ipa
-from ipa import ipaerror
+from ipa import ipaerror, ipautil
# Some errors to catch
# http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.6&view=auto
@@ -83,7 +83,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def get_user_by_dn(self,dn,sattrs=None):
"""Get a specific user. If sattrs is not None then only those
@@ -99,7 +99,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def add_user(self,user,user_container=None):
"""Add a new user. Takes as input a dict where the key is the
@@ -111,13 +111,14 @@ class RPCClient:
user_container = "__NONE__"
try:
- result = server.add_user(user, user_container)
- except xmlrpclib.Fault, fault:
- raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
- except socket.error, (value, msg):
- raise xmlrpclib.Fault(value, msg)
-
- return result
+ result = server.add_user(ipautil.wrap_binary_data(user),
+ user_container)
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
def get_add_schema(self):
"""Get the list of attributes we need to ask when adding a new
@@ -134,7 +135,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def get_all_users (self):
"""Return a list containing a User object for each existing user."""
@@ -147,7 +148,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def find_users (self, criteria, sattrs=None):
"""Return a list containing a User object for each user that matches
@@ -164,20 +165,21 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def update_user(self,olduser,newuser):
"""Update an existing user. olduser and newuser are dicts of attributes"""
server = self.setup_server()
try:
- result = server.update_user(olduser, newuser)
- except xmlrpclib.Fault, fault:
- raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
- except socket.error, (value, msg):
- raise xmlrpclib.Fault(value, msg)
-
- return result
+ result = server.update_user(ipautil.wrap_binary_data(olduser),
+ ipautil.wrap_binary_data(newuser))
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
def mark_user_deleted(self,uid):
"""Mark a user as deleted/inactive"""
@@ -190,7 +192,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
# Group support
@@ -208,7 +210,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def get_group_by_dn(self,dn,sattrs=None):
"""Get a specific group. If sattrs is not None then only those
@@ -224,7 +226,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def add_group(self,group,group_container=None):
"""Add a new group. Takes as input a dict where the key is the
@@ -236,7 +238,8 @@ class RPCClient:
group_container = "__NONE__"
try:
- result = server.add_group(group, group_container)
+ result = server.add_group(ipautil.wrap_binary_data(group),
+ group_container)
except xmlrpclib.Fault, fault:
raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
except socket.error, (value, msg):
@@ -257,7 +260,7 @@ class RPCClient:
except socket.error, (value, msg):
raise xmlrpclib.Fault(value, msg)
- return result
+ return ipautil.unwrap_binary_data(result)
def add_user_to_group(self, user, group):
"""Add a user to an existing group.
@@ -266,13 +269,14 @@ class RPCClient:
"""
server = self.setup_server()
try:
- result = server.add_user_to_group(user, group)
- except xmlrpclib.Fault, fault:
- raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
- except socket.error, (value, msg):
- raise xmlrpclib.Fault(value, msg)
-
- return result
+ result = server.add_user_to_group(ipautil.wrap_binary_data(user),
+ ipautil.wrap_binary_data(group))
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
def add_users_to_group(self, users, group):
"""Add several users to an existing group.
@@ -283,13 +287,14 @@ class RPCClient:
"""
server = self.setup_server()
try:
- result = server.add_users_to_group(users, group)
- except xmlrpclib.Fault, fault:
- raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
- except socket.error, (value, msg):
- raise xmlrpclib.Fault(value, msg)
-
- return result
+ result = server.add_users_to_group(ipautil.wrap_binary_data(users),
+ ipautil.wrap_binary_data(group))
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
def remove_user_from_group(self, user, group):
"""Remove a user from an existing group.
@@ -298,13 +303,14 @@ class RPCClient:
"""
server = self.setup_server()
try:
- result = server.remove_user_from_group(user, group)
- except xmlrpclib.Fault, fault:
- raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
- except socket.error, (value, msg):
- raise xmlrpclib.Fault(value, msg)
-
- return result
+ result = server.remove_user_from_group(ipautil.wrap_binary_data(user),
+ ipautil.wrap_binary_data(group))
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
def remove_users_from_group(self, users, group):
"""Remove several users from an existing group.
@@ -315,23 +321,26 @@ class RPCClient:
"""
server = self.setup_server()
try:
- result = server.remove_users_from_group(users, group)
- except xmlrpclib.Fault, fault:
- raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
- except socket.error, (value, msg):
- raise xmlrpclib.Fault(value, msg)
-
- return result
+ result = server.remove_users_from_group(
+ ipautil.wrap_binary_data(users),
+ ipautil.wrap_binary_data(group))
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
def update_group(self,oldgroup,newgroup):
"""Update an existing group. oldgroup and newgroup are dicts of attributes"""
server = self.setup_server()
try:
- result = server.update_group(oldgroup, newgroup)
- except xmlrpclib.Fault, fault:
- raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
- except socket.error, (value, msg):
- raise xmlrpclib.Fault(value, msg)
-
- return result
+ result = server.update_group(ipautil.wrap_binary_data(oldgroup),
+ ipautil.wrap_binary_data(newgroup))
+ except xmlrpclib.Fault, fault:
+ raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+ except socket.error, (value, msg):
+ raise xmlrpclib.Fault(value, msg)
+
+ return ipautil.unwrap_binary_data(result)
diff -r a5d0d46b8988 -r 1f7f6d34ffbb ipa-server/ipaserver/ipaldap.py
--- a/ipa-server/ipaserver/ipaldap.py Mon Aug 27 11:30:26 2007 -0700
+++ b/ipa-server/ipaserver/ipaldap.py Mon Aug 27 12:46:31 2007 -0700
@@ -39,7 +39,7 @@ from ldap.modlist import modifyModlist
from ldap.ldapobject import SimpleLDAPObject
-from ipa import ipaerror
+from ipa import ipaerror, ipautil
class Entry:
"""This class represents an LDAP Entry object. An LDAP entry consists of a DN
@@ -47,7 +47,7 @@ class Entry:
values. In python-ldap, entries are returned as a list of 2-tuples.
Instance variables:
dn - string - the string DN of the entry
- data - cidict - case insensitive dict of the attributes and values"""
+ data - CIDict - case insensitive dict of the attributes and values"""
def __init__(self,entrydata):
"""data is the raw data returned from the python-ldap result method, which is
@@ -56,13 +56,13 @@ class Entry:
if entrydata:
if isinstance(entrydata,tuple):
self.dn = entrydata[0]
- self.data = ldap.cidict.cidict(entrydata[1])
+ self.data = ipautil.CIDict(entrydata[1])
elif isinstance(entrydata,str) or isinstance(entrydata,unicode):
self.dn = entrydata
- self.data = ldap.cidict.cidict()
+ self.data = ipautil.CIDict()
else:
self.dn = ''
- self.data = ldap.cidict.cidict()
+ self.data = ipautil.CIDict()
def __nonzero__(self):
"""This allows us to do tests like if entry: returns false if there is no data,
diff -r a5d0d46b8988 -r 1f7f6d34ffbb ipa-server/xmlrpc-server/funcs.py
--- a/ipa-server/xmlrpc-server/funcs.py Mon Aug 27 11:30:26 2007 -0700
+++ b/ipa-server/xmlrpc-server/funcs.py Mon Aug 27 12:46:31 2007 -0700
@@ -98,36 +98,19 @@ class IPAServer:
return "dn:" + ent.dn
def convert_entry(self, ent):
-
- # Convert to LDIF
- entry = str(ent)
-
- # Strip off any junk
- entry = entry.strip()
-
- # Don't need to identify binary fields and this breaks the parser so
- # remove double colons
- entry = entry.replace('::', ':')
- specs = [spec.split(':') for spec in entry.split('\n')]
-
- # Convert into a dict. We need to handle multi-valued attributes as well
- # so we'll convert those into lists.
- obj={}
- for (k,v) in specs:
- k = k.lower()
- if obj.get(k) is not None:
- if isinstance(obj[k],list):
- obj[k].append(v.strip())
- else:
- first = obj[k]
- obj[k] = []
- obj[k].append(first)
- obj[k].append(v.strip())
- else:
- obj[k] = v.strip()
-
- return obj
-
+ entry = dict(ent.data)
+ entry['dn'] = ent.dn
+ # For now convert single entry lists to a string for the ui.
+ # TODO: we need to deal with multi-values better
+ for key,value in entry.iteritems():
+ if isinstance(value,list) or isinstance(value,tuple):
+ if len(value) == 0:
+ entry[key] = ''
+ elif len(value) == 1:
+ entry[key] = value[0]
+ return entry
+
+
def __get_entry (self, base, filter, sattrs=None, opts=None):
"""Get a specific entry. Return as a dict of values.
Multi-valued fields are represented as lists.
diff -r a5d0d46b8988 -r 1f7f6d34ffbb ipa-server/xmlrpc-server/ipaxmlrpc.py
--- a/ipa-server/xmlrpc-server/ipaxmlrpc.py Mon Aug 27 11:30:26 2007 -0700
+++ b/ipa-server/xmlrpc-server/ipaxmlrpc.py Mon Aug 27 12:46:31 2007 -0700
@@ -35,7 +35,7 @@ from mod_python import apache
import ipaserver
import funcs
-from ipa import ipaerror
+from ipa import ipaerror, ipautil
import string
import base64
@@ -167,14 +167,14 @@ class ModXMLRPCRequestHandler(object):
if func is None:
raise Fault(1, "Invalid method: %s" % method)
- args = list(params)
+ args = list(ipautil.unwrap_binary_data(params))
for i in range(len(args)):
if args[i] == '__NONE__':
args[i] = None
ret = func(*args)
- return ret
+ return ipautil.wrap_binary_data(ret)
def multiCall(self, calls):
"""Execute a multicall. Execute each method call in the calls list, collecting
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2228 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070827/1b8d9d3a/attachment.bin>
More information about the Freeipa-devel
mailing list